CWE-129

High likelihood

Improper Validation of Array Index

Parent: CWE-1285 - Improper Validation of Specified Index, Position, or Offset in Input

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

572 vulnerabilities with CWE-129
CVE-2022-42255 MEDIUM
NVIDIA Virtual GPU < 11.11 and Cloud Gaming < 525.60.11 - Out-of-Bounds Array Access in Kernel Mode Layer
CVSS 5.3
CVE-2022-42254 MEDIUM
NVIDIA GPU Display Driver 470-470.161.03 - Out-of-bounds Read in Kernel Mode Layer
CVSS 5.3
CVE-2022-31745 MEDIUM
Firefox < 101.0 - Use-After-Free via Garbage Collector Array Shift Confusion
CVSS 4.3
CVE-2022-2951 HIGH
Altair HyperView Player < 2021.1.0.27 - Memory Corruption via H3D File Processing
CVSS 7.8
CVE-2022-25711 MEDIUM
Qualcomm Firmware - Memory Corruption in Camera via Array Index Validation Issue
CVSS 6.7
CVE-2022-25695 HIGH
Qualcomm APQ8009 Firmware - Memory Corruption via GSTK Proactive Command Processing
CVSS 8.4
CVE-2022-46152 HIGH
OP-TEE Trusted OS < 3.19.0 - Buffer Overflow
CVSS 8.2
CVE-2022-25720 CRITICAL
Qualcomm APQ8009 and related firmware - Memory Corruption via WLAN Out-of-Bounds Array Access
CVSS 9.8
CVE-2022-42011 MEDIUM
Freedesktop Dbus < 1.12.24 - Improper Array Index Validation
CVSS 6.5
CVE-2022-25690 HIGH
Qualcomm Firmware - Information Disclosure via ANQP Action Frame Array Index Validation
CVSS 7.5
CVE-2022-22099 HIGH
Snapdragon Auto - Memory Corruption
CVSS 8.4
CVE-2022-35737 HIGH
SQLite 1.0.12-3.39.x - Array Index Overflow via String Argument to C API
CVSS 7.5
CVE-2022-31135 MEDIUM
Akashi < 1.4 - Denial of Service via Crafted Evidence Packet
CVSS 6.5
CVE-2022-31603 MEDIUM
NVIDIA DGX A100 Firmware < 22.5.5 - Authenticated Code Execution via IpSecDxe Array Index
CVSS 6.4
CVE-2022-30763 HIGH
janet < 1.22.0 - Improper Validation of Array Index
CVSS 7.5
CVE-2022-1237 HIGH
radare2 < 5.6.8 - Heap Overflow via Improper Array Index Validation
CVSS 7.8
CVE-2022-27223 HIGH
Linux Kernel < 5.16.12 - Out-of-Bounds Write via USB Gadget Endpoint Index
CVSS 8.8
CVE-2022-26100 CRITICAL
SAPCAR 7.22 - Denial of Service and Privilege Escalation via Archive Input Validation
CVSS 9.8
CVE-2022-21310 MEDIUM
Oracle MySQL Cluster <= 7.4.34, <= 7.5.24, <= 7.6.20, <= 8.0.27 - Authenticated Remote Code Execution
CVSS 6.3
CVE-2021-4439 HIGH
Linux Kernel < 4.4.290 - Array Index Out-of-Bounds in ISDN CAPI Controller Detachment
CVSS 7.8
CVE-2021-47548 CRITICAL
Linux Kernel < 4.9.292 - Array Index Validation Bypass in hns_dsaf_ge_srst_by_port
CVSS 9.8
CVE-2021-47547 MEDIUM
Linux Kernel < 4.4.294 - Out-of-Bounds Array Access in Tulip DE4X5 PHY ID Handling
CVSS 4.4
CVE-2021-47449 HIGH
Linux Kernel 5.14.4-5.14.14 - Deadlock via Tx Timestamp Tracking Flush
CVSS 7.1
CVE-2021-47135 HIGH
Linux Kernel 5.12-5.12.9 - Array Index Out-of-Bounds Access in mt7921_mcu_tx_rate_report
CVSS 7.8
CVE-2021-47065 HIGH
Linux Kernel rtw88 - Array Index Out-of-Bounds in rtw_get_tx_power_params
CVSS 7.8